How Governments Can Combat Ransomware Computer Hacks

The recent attack on Atlanta’s computer system disrupted service in at least five of the city’s 13 departments. Civil workers were reduced to the pre-computer era of longhand.

Although the ransom demanded by the hackers was surprisingly minimal—$51,000 in bitcoin—the damage to the files, software and hardware will take months to sort out.

Frank Shafroth, director of George Mason University’s State and Local Government Leadership Center, has spoken to local and government officials and developed a number of preventative and responsive tactics governments can take to prevent expensive and disruptive computer hacks.

“It's a new era of digital extortion for the nation's cities, counties, school districts and state governments, at a time when far too few of them are even minimally prepared to respond,” said Shafroth, a professor in George Mason’s Schar School of Policy and Government.

Shafroth recommends: 

  • “If your government does not already have a chief information security officer, hire and empower one,” he said.
  • Engage with the Multi-State Information Sharing & Analysis Center, which is responsible for improving the overall cybersecurity posture of the nation's state, local, tribal and territorial governments.
  • Ask the federal Department of Homeland Security to do a “SWOT analysis”—searching out strengths, weaknesses, opportunities and threats—of your digital infrastructure.
  • Ask the state to put some skin in the game, especially if your local government is a small one.

Shafroth’s column in the April 6 edition of Governing expands on these points.

Frank Shafroth can be reached at 703-993-8560 or fshafrot@gmu.edu.

For more information, contact Buzz McClain at 703-727-0230 or bmcclai2@gmu.edu.